Malware slips into OS X's definition list

Apple has silently updated malware definitions in OS X to block a trojan discovered on the Internet earlier this week. Known as Trojan.SMSSend.3666, the code comes disguised as an installer for various apps. Opening the installer prompts people to "activate" their software by SMS, entering a key into the installer after receiving an initial text. The reality is that the trojan is signing users up for a subscription service that charges them via their cellphone bill.

The malware is listed as "OSX.SMSSend.i" in OS X 's Xprotect.plist file. In Lion and Mountain Lion, as well as the final version of Snow Leopard, malware definitions are updated daily without user control. Apple did once rely on manual updates, but decided to make them automatic last year as attacks against OS X users were on the rise.

by MacNN Staff